469 projects tagged "Firewalls"

No download Website Updated 27 Jul 2001 seven's IPtables script

Screenshot
Pop 32.31
Vit 2.24

seven's IPtables script features extensive logging of all connection attempts, user-definable log-levels, protection against various DoS attacks, detection of multiple portscan types, user-defined trusted hosts, and user-defined "open"-ports.

Download Website Updated 30 Jan 2001 sifi

Screenshot
Pop 11.36
Vit 2.13

The SINUS Firewall is a TCP/IP packet filter for Linux. Some of its features are stateful inspection of TCP communications, text-based configuration, graphical management interface for configuration of several firewalls, dynamic rules, prevention of packet and address spoofing, extensive logging, alerting, and counter intelligence.

Download Website Updated 13 Jun 2007 sipscreen

Screenshot
Pop 31.94
Vit 1.00

sipscreen is a Linux iptables QUEUE target handler for screening inbound SIP phone calls flowing through a Linux gateway. If you have a Vonage appliance, or other voice-over-IP adapter located behind a Linux router, you may find sipscreen useful for accepting or rejecting calls based on the caller ID information, time of day, or other custom algorithms.

Download Website Updated 24 Aug 2001 ssh-smart

Screenshot
Pop 36.33
Vit 1.00

ssh-smart is a basic proof-of-concept implementation of ssh authentication via smartcard. The smartcard which is used to store the ssh identity is a memory card (I2C 16KBIT/2048 bytes). ssh-smart uses multiple Perl scripts and the smartcard program to establish communication with the reader and the memory card. It has only been tested with the Towitoko chip drive micro, but it could work with other card reader terminal drivers using the CT-API library. The project is in an early stage of development and a lot has to be done before it can be considered a reliable solution to store an ssh identity in a secure way.

Download Website Updated 17 Apr 2014 sshdfilter

Screenshot
Pop 234.04
Vit 3.94

sshdfilter automatically blocks ssh brute force attacks by reading sshd log output in real time and adding iptables rules based on authentication failures. Block rules are created by logging on with an invalid user name, or wrongly guessing the password for an existing account. Block rules are removed after a week to maintain a small list of blocks. It also comes with a LogWatch filter.

Download Website Updated 14 Feb 2011 sshguard

Screenshot
Pop 327.12
Vit 7.75

Sshguard monitors services through their logging activity. It reacts to messages about dangerous activity by blocking the source address with the local firewall. Sshguard employs a clever parser that can transparently recognize several logging formats at once (syslog, syslog-ng, metalog, multilog, raw messages), and detects attacks for many services out of the box, including SSH, several ftpds, and dovecot. It can operate all the major firewalling systems, and features support for IPv6, whitelisting, suspension, and log message authentication.

No download Website Updated 23 Mar 2014 sslh

Screenshot
Pop 429.80
Vit 21.49

sslh accepts connections in HTTP, HTTPS, SSH, OpenVPN, tinc, XMPP, or any other protocol that can be tested using a regular expression, on the same port. This makes it possible to connect to any of these servers on port 443 (e.g. from inside corporate firewalls, which almost never block port 443) while still serving HTTPS on that port. sslh supports IPv6, privilege dropping, transparent proxying, and much more.

Download Website Updated 31 Jul 2002 tcptraceroute

Screenshot
Pop 171.51
Vit 2.09

tcptraceroute is a traceroute implementation using TCP SYN packets, instead of the more traditional UDP or ICMP ECHO packets. In doing so, it is able to trace through many common firewall filters.

Download Website Updated 17 Sep 2001 tcpxd

Screenshot
Pop 59.08
Vit 2.12

tcpxd is a TCP/IP relay or proxy, allowing a connection to a port on a system to be forwarded to another port on any other system. It is useful for firewalls and service relocations, and is small, simple, and fast. It's also easier to learn than netcat and supports TCP_NODELAY, alternate local ports, partial connection closures, and non-blocking connects.

Download Website Updated 13 Mar 2002 theWall

Screenshot
Pop 27.39
Vit 1.76

theWall is a single floppy firewall and NAT box based on PicoBSD/FreeBSD. The primary aim is to allow a small network to share a cable modem or DSL Internet connection. It currently supports static, DHCP, or PPPoE IP address assignment.

Screenshot

Project Spotlight

GNU Gatekeeper

A free H.323 gatekeeper.

Screenshot

Project Spotlight

SPINA

Structure parameter inference approach for endocrine feedback control.